For inquiries about GlobalPlatform or website assistance, contact secretariat@globalplatform.org.

GlobalPlatform September Newsletter – SESIP Seminar Barcelona, Annual Report and our new member workspace

Letter from GlobalPlatform’s Executive Director

As GlobalPlatform continues to explore important ways to bring even more trust and security to digital services and devices, we are pleased to share our Annual Report for 2022 which reflects on achievements and outlines the strategic and technical roadmap of GlobalPlatform for 2022 / 23.

We have also now launched our new Automotive Task Force and new eID Wallet Task Force, created to help stakeholders address requirements around Automotive security and the European Digital Identity Wallet scheme. You can join these groups via our member Workspace, and for those interested in participating in the Automotive Task Force don’t miss our kick-off call on September 22.

Elsewhere this month, GlobalPlatform has published a new whitepaper calling for global alignment on cybersecurity levels to ensure certification schemes are transparent, aligned with industry and accessible to end users. You can read more on this below.

Finally, a reminder that registrations are now open for our SESIP Seminar in Barcelona. We invite you to join us on October 19 at the Gran Havana Hotel, to learn how the Security Evaluation Standard for IoT Platforms (SESIP) methodology can be used to reduce the cost and complexity of IoT security evaluation and compliance with European requirements and regulations.

Register: SESIP Seminar Barcelona

With the support of Platinum sponsor, Winbond, Gold sponsor, STMicroelectronics, and Supporting sponsor SGS Brightsight, GlobalPlatform’s seminar will explore the applicability of SESIP in the context of European regulation and explain how product developers and issuers can benefit from the methodology.

Join us to hear from Amazon, Arm / PSA Certified, CEN CENELEC, ENISA, ETSI TC Cyber, Eurosmart, ECSO, Microsoft and many more, sharing insights and real-life case studies that demonstrate how SESIP:

  • Reduces complexity, cost and time-to-market for different IoT stakeholders.
  • Facilitates device certification through principles of composition and reuse across different evaluations.
  • Maps to other schemes including EN 303 645, and PSA Certified to help product manufacturers comply with specific EU security requirements and regulations.
  • Can be adopted by labs to help build consistency across IoT certification schemes.

The seminar will take place at the Gran Havana Hotel, Gran Via de les Corts Catalanes, 647, 08010 Barcelona, Spain.

If you would like to book a room at this hotel, please contact via email at grupos@granhotelhavana.com using the group code 687. The hotel does not use a booking link.

Register now

NEWS: GlobalPlatform calls for global alignment on cybersecurity levels

GlobalPlatform has released a new whitepaper highlighting the potentially confusing implementation of security levels in the EU Cybersecurity Certification Scheme (EUCC) proposed by the European Union Agency for Cybersecurity (ENISA) as part of the Cyber Security Act (CSA).

In its analysis, GlobalPlatform commends the European Union for taking a proactive approach to cybersecurity certification, before asserting that the EUCC approach may ultimately undermine confidence in product security, increase fragmentation and consumer confusion. It calls for greater industry alignment to ensure cybersecurity certification schemes are transparent, aligned with industry, and accessible to the end user.

Download the whitepaper here: https://bit.ly/3S8muxr

Read the press release

VIDEO: The EU Cybersecurity Certification Scheme & misalignment with industry

GlobalPlatform’s Security Task Force Chair, Olivier Van Nieuwenhuyze, explores how a rapidly evolving IoT can cause fragmentation between different regulations.

In the video, Olivier explains how GlobalPlatform is supporting businesses across the ecosystem in understanding the security requirements of their devices. This includes our latest whitepaper which calls for global alignment on cybersecurity levels, following the implementation of security levels in the EU Cybersecurity Certification Scheme (EUCC) which may increase ecosystem fragmentation and consumer confusion.

Watch

New member Workspace

Our new member Workspace is now live. The site includes the same documentation management, collaboration and consensus tools on the current site as well as enhanced community features including member discussion boards and events pages.

Logins for this new member website were emailed to you in July, and several tutorial videos are available on the platform to help you navigate and make the most of all its functionalities.

If you have any questions, please contact secretariat@globalplatform.org.

Visit the new workspace

GlobalPlatform Annual Report

Our annual report details key milestones achieved through the contributions of GlobalPlatform members and our priorities looking ahead. This includes the technical initiatives we are driving to support stakeholders across global markets with requirements from Post-Quantum Cryptography (PQC) and Automotive security to open source, digital identity, GSMA’s Secured Application for Mobile (SAM) and the Software Bill of Materials (SBOM).

You should have received the report with the membership renewal letter for fiscal year 2023. As a member organization, we are driven by collaboration amongst all stakeholders, working together to enhance device security and trusted connectivity. I hope you will continue to participate in this community for another year.

Download the Annual Report

BLOG: Hybrid Crypto - Anticipating the Break of Asymmetric Crypto

Hybrid cryptography utilizes a combination of algorithms from both the pre and post-quantum eras to provide security against different attack models. By developing cryptographic protocols at a sufficiently high level, it is possible to switch the underlying cryptography when the threat becomes effective.

In this blog, Chair of the GlobalPlatform Crypto Sub-Task Force, Beatrice Peirani explores this innovative form of cryptography. She goes on to discuss how GlobalPlatform is aiding connected industries in mitigating potential threats by aligning with other Standards Development Organisations including NIST.

Read the blog
Technical Documents

New Document Releases

Specifications Under Review

This new specification provides a generalization of the Secure Channel Protocol ‘03’, which allows using other block ciphers than AES and other modes for encryption and MACing, including AEAD modes. It is a first step towards crypto agility which is relevant for introducing quantum safe crypto algorithms.

This document has been made available for public review. Please provide comments by Friday September 30, 2022.

View Specification
Speaking Engagements

GlobalPlatform to speak at ICMC22

GlobalPlatform Security Task Force Chair, Olivier Van Nieuwenhuyze, Olivier Van Nieuwenhuyze, attended ICMC22 this month to present “Cryptography Standards: Bridging the Gap Between EU and US Markets”.

Register

Hear GlobalPlatform speak at ETSI IoT Week

On Friday, October 14 GlobalPlatform will be speaking at ETSI IoT Week. Sign up now to join us for our presentation “The Security Evaluation Standard for IoT Platforms (SESIP): Quantifying the benefits of re-use and mapping to ETSI EN 303 645”

Register

GlobalPlatform to speak at Identity Week

GlobalPlatform Executive Director, Ana Tavares Lattibeaudiere is speaking at this year’s Identity Week America, taking place October 4-5 in Washington DC. Ana will speak as a part of the Digital Identity track, exploring the impact of GSMA’s SAM requirements.

Register
Membership Offers

For archived newsletters

GlobalPlatform
Hey There!

It seems you are using an outdated browser, unfortunately this means that our website will not render properly for you. Update your browser to view this website correctly.

GOOGLE CHROME
FIREFOX
MICROSOFT EDGE